CVE-2018-16838 is patched in our version of sssd but it doesn't have a vulnerable version range in the NVD database, that's why it needs to be ignored.
Signed-off-by: Davide Gardenal <[email protected]> --- recipes-security/sssd/sssd_2.5.2.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/recipes-security/sssd/sssd_2.5.2.bb b/recipes-security/sssd/sssd_2.5.2.bb index 9f1d627..4c75e0a 100644 --- a/recipes-security/sssd/sssd_2.5.2.bb +++ b/recipes-security/sssd/sssd_2.5.2.bb @@ -28,6 +28,10 @@ SRC_URI = "https://github.com/SSSD/sssd/releases/download/${PV}/sssd-${PV}.tar.g SRC_URI[sha256sum] = "5e21b3c7b4a2f1063d0fbdd3216d29886b6eaba153b44fb5961698367f399a0f" +CVE_CHECK_IGNORE += "\ + CVE-2018-16838 \ +" + inherit autotools pkgconfig gettext python3-dir features_check systemd REQUIRED_DISTRO_FEATURES = "pam" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#57558): https://lists.yoctoproject.org/g/yocto/message/57558 Mute This Topic: https://lists.yoctoproject.org/mt/92456105/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
